Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
npm’s Update to Harden Their Supply Chain, and Points to Consider
The Hacker NewsFeb 13, 2026Supply Chain Security / DevSecOps In December 2025, in response to the Sha1-Hulud incident, npm completed...
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote...
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group
In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820)....
CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM
Approximately 1,600 Ivanti Endpoint Manager Mobile (EPMM) instances are currently exposed globally, creating a significant attack surface for enterprise mobile infrastructure....
How AutoSecT VMDR Tool Simplifies Vulnerability Management
As it is said, the ‘why’ and ‘how’ is much important than ‘should’. It’s exactly applicable in today’s cyberspace....
Be Breach Ready: The True North of Zero Trust 2.0 in the Age of Autonomous Cyberattacks
I was fascinated by the recent stories about the sudden ascension of Clawdbot, aka Moltbot, aka OpenClaw, driven by its capabilities and...
Facebook Hacked? How to Recover Your Account and Remove Rogue Page Admins
It usually starts with a small, uneasy moment. A login alert you don’t remember triggering. A password that suddenly doesn’t work. A friend asking...
Naming and shaming: How ransomware groups tighten the screws on victims
Ransomware When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from...
Examples of SAML Providers
What are saml providers and why do they matter for your enterprise Ever wonder how you can log into...
Demystifying SAML: The Basics of Secure Single Sign-On
The Password Nightmare and the SAML Savior Ever feel like your Monday morning is just one long login screen?...
Understanding Authentication Methods
The Real Cost of Legacy Authentication Ever wonder why we're still stuck typing "P@ssword123" in 2025 like it’s still...
Understanding WS-Trust: A Guide to Secure Token Exchange
What is WS-Trust and why we still use it? Ever wonder why some of the biggest banks and hospitals...
SaaS isn’t dead, the market is just becoming more hybrid
A new layer will emerge, Deloitte forecasts: Essentially, it will be “ enterprise AI operating system” that will govern, orchestrate,...
Odido confirms massive breach; 6.2 Million customers impacted
Odido confirms massive breach; 6.2 Million customers impacted Pierluigi Paganini February 12, 2026 Hackers accessed data from 6.2 million Odido...
